I’m shooting for a general-access main server with two individual fixed-size folders requiring unique user/pass access.
I’m fairly new at TrueNAS so combining smb/iscsi may be the wrong thought path entirely. (Maybe create two folders within the smb folder?)
Any suggestions would be appreciated.
It probably is. Why are you even considering iSCSI? Is it just for the sake of differentiating user access? In that case, two SMB shares, one user has access to one, the other user has access to the other…
But, would the bulk of the server storage still be accessible to all?
Giving two individuals access to all isn’t my plan.
It sort of seemed two Zvols plus a main server volume was the way to go.
I’m thinking of something like two individual clouds on an otherwise public server.
It would be accessible to whomever you make it accessible to.
What makes you think iSCSI should be in any way involved?
I don’t know the correct parameters to describe the goal.
Split one RAID array into three smd sections with three seperate addresses seems like a brute force workaround.
This is sort of a looking for a tool to drive nails but have never heard of a hammer inquery.
One server with general access, and two limited access compartments.
It seems to me using Zvol I couid somehow just devide the RAID array
into three sections, one general access…With only one network address?
I don’t know the correct question.
The word you’re looking for is: “Permissions”.
You aren’t splitting anything, and it isn’t anything like brute force. From what you’ve described, you want three shares, with different levels of access to each. That’s the most natural thing in the world, and among the simpler possible configurations of a NAS. If you want to limit the size of one or more of those shares, again, easy enough. All on the same network address, all with the same protocol.
For the third time, what made you think iSCSI was in any way called for here? Unless you’ve done an exceptionally-poor job of explaining what you’re trying to accomplish (and I don’t think you have; it sounds very straightforward), iSCSI shouldn’t be anywhere near the solutions you’d be considering.
How about:
Enter a network address from any network comp, user/pass permissions gets you into a general access area.
It would be desireable to have one or more folders within that area that when clicked would require an additional user/pass permission to access.
These secondary folders being of a fixed size would be desirable so they cannot gobble-up all the RAID array storage, but not deal breaker if unlimited.
The word you’re looking for here is “quota.” TrueNAS has supported them since forever.
Permissions don’t really work that way. Imagine you have users A, B, and C, with shares 1, 2, and 3. User A has access to share 1. User B has access to shares 1 and 2; User C has access to shares 1 and 3. Each user logs in with his respective username and password, and is given access to the the appropriate share(s).
OK, That sounds like the right concept.
So this requires three Pools? Paths? Both? I’m still missing the point?
My experience is limited to one RAIDz array accessible to everybody equally.
Not at all–you can have any number of shares on a single pool.
Apparently I’m thinking elephants instead of mice.
Can I set up more shares on a RAID array pool that already has data on it or do I need to add these fixed size shares from a clean-slate build?
You can add shares at any time, and you can set or adjust quotas at any time.
I added three users with different passwords. I see three folders for these users. All folders are accessible to everybody.
How do I require a different password to open each folder?
I appreciate any help on this issue, TrueNAS has a learning curve that I’m not tuned into.
This is the “Credentials” part of the documentation, managing users and groups.
You want three shares. One that is accessible (read-write-execute) to everyone in the group to which all users belong—or plainly to everyone. And two shares which are accessible only to a single user, not to the group, not to everyone.
This implies that the two special users will actually see two “folders”: One that is accessible to everyone (if that’s what you want), and one private folder which no one else can access.
The plan is to have a warehouse partition where raw materials are stored and accessible to everybody (artwork, statistics, useful bits and pieces).
Seperate folders for individual projects made from raw materials moved into these folders from the warehouse partition that others can’t screw around with and a fixed size workspace for each individual folder.
I guess I don’t grasp the TrueNAS “permissions” concept from the correct viewpoint.
I set up a computer with a 128GB SSD running TrueNAS 13.0-U6.7, which has two mirrored 1TB SSDs and a separate static IP address. This is just a disposable proof-of-concept arrangement.
My real server has a 4 8TB HDD RAIDz Array.
I’ve reloaded the throwaway TrueNAS system about three times now, trying to establish partitions 1 and 2 as fixed 100GB separate restricted access partitions, with partition 3 designated for all remaining storage space and “public” access.
I now have a fourth, static address only, virgin system ready to mangle.
Can Zvol be used with SMB?
Zvol is block storage: This is used for VMs and iSCSI shares.
For the umpteenth time: What makes you think that zvols/iSCSI would help?[1] What’s the thought process?
“Partition” is not the right terminology.
These should be “datasets”, and then you set up three “shares” from the three datsets.
Two of the datsets have “quotas”.
It won’t. And iSCSI is a resource hog. ↩︎
Looking for dogs when I should be looking for K9s might be part of my problem.
My brain is more hardware oriented than software oriented.
Zvol for a SMB server is out, one less wrong turn.
Start by creating three datasets? or one dataset with three shares?
Shares are based on datasets, so you need multiple datasets, nested or flat, to have shares with different parameters.
I’m not too familiar with SMB (prefer Unix and NFS…), but I tried setting up a few users and two datasets and shares. (Screenshots are from my test Fangtooth system, if that matters.)
Under Datasets I create two datasets, “common” and “private” and tick the SMB preset; this automatically create corresponding shares.
Under Shares, I then click on Edit and leave “common” as a default share, accessible to all,
but set “private” to the “Private SMB Datasets and Shares”
Upon first logging, TrueNAS automatically creates a child dataset in “private” for the user. So I logged as user “alice” and then user “bob”, created folders and copied files unders these personalities.
As administrator, I went back to Datasets to set quotas on the private user datsets of Alice and Bob. (Hopefully, someone can chime in and point to a template system so that user datsets are automatically created with an individual quota and do not require manual adjustment afterwards… I said I’m not familiar with SMB shares.)
End result: Alice can create folders and copy files into the common share and into her private share. Bob can create folders and copy files into the common share and into his private share. Alice and Bob can see all files and folders in the common share; Bob copied into his private share the file ‘AtomicPi.pdf’ that was first by Alice put into the common share; Alice and Bob each only see their own files in the private share.
Logged in as Alice:
Logged in as Bob:
You can see that “common” potentially has the whole space in this 1 TB pool but that private shares are limited to 60 or 50 GiB.
I had created a “test” group, of which Alice, Bob and their friend Charlie were members, but using presets I actually did not need to manually set group and user pemissions for the shares.
3 Likes
The multiple datasets seemed clunky to me, but I could see no other way.
I’ll take another stab at it today. Hopefully I’ll only need to wipe the boot drive a couple more times. (I did learn that the drive has to be formatted each time, just erasing the directory leaves all the previous screw-ups lurking about.)